1. Home
  2. ECCouncil
  3. ECSA
  4. ECSAv10
  5. EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing Questions and Answers

Pass the ECCouncil ECSA ECSAv10 Questions and answers with CertsForce

 ECCouncil Exams      Go to Exam Detail      Get Premium Access
Viewing page 5 out of 6 pages
Viewing questions 41-50 out of questions
Questions # 41:

When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

Options:
A.

Avoid cross talk

B.

Avoid over-saturation of wireless signals

C.

So that the access points will work on different frequencies

D.

Multiple access points can be set up on the same channel without any issues

Expert Solution
Questions # 42:

Which of the following scan option is able to identify the SSL services?

Options:
A.

–sS

B.

–sV

C.

–sU

D.

–sT

Expert Solution
Questions # 43:

In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet".

Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down.

What will the other routers communicate between themselves?

Options:
A.

More RESET packets to the affected router to get it to power back up

B.

RESTART packets to the affected router to get it to power back up

C.

The change in the routing fabric to bypass the affected router

D.

STOP packets to all other routers warning of where the attack originated

Expert Solution
Questions # 44:

What is the target host IP in the following command?

Question # 44

Options:
A.

Firewalk does not scan target hosts

B.

172.16.28.95

C.

This command is using FIN packets, which cannot scan target hosts

D.

10.10.150.1

Expert Solution
Questions # 45:

Which of the following will not handle routing protocols properly?

Options:
A.

“Internet-router-firewall-net architecture”

B.

“Internet-firewall-router-net architecture”

C.

“Internet-firewall -net architecture”

D.

“Internet-firewall/router(edge device)-net architecture”

Expert Solution
Questions # 46:

Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

Options:
A.

PIPEDA

B.

PCI DSS

C.

Human Rights Act 1998

D.

Data Protection Act 1998

Expert Solution
Questions # 47:

Identify the person who will lead the penetration-testing project and be the client point of contact.

Options:
A.

Database Penetration Tester

B.

Policy Penetration Tester

C.

Chief Penetration Tester

D.

Application Penetration Tester

Expert Solution
Questions # 48:

The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

Question # 48

The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.

Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

Options:
A.

Accomplice social engineering technique

B.

Identity theft

C.

Dumpster diving

D.

Phishing social engineering technique

Expert Solution
Questions # 49:

Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?

Options:
A.

Testing to provide a more complete view of site security

B.

Testing focused on the servers, infrastructure, and the underlying software, including the target

C.

Testing including tiers and DMZs within the environment, the corporate network, or partner company connections

D.

Testing performed from a number of network access points representing each logical and physical segment

Expert Solution
Questions # 50:

A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped.

Question # 50

Why is an appliance-based firewall is more secure than those implemented on top of the commercial operating system (Software based)?

Options:
A.

Appliance based firewalls cannot be upgraded

B.

Firewalls implemented on a hardware firewall are highly scalable

C.

Hardware appliances does not suffer from security vulnerabilities associated with the underlying operating system

D.

Operating system firewalls are highly configured

Expert Solution
Viewing page 5 out of 6 pages
Viewing questions 41-50 out of questions